No surprise. I recently disposed of a Sagar laptop that died on me. All three of it's drives are sitting in a drawer here. For me the smartest way to handle data on a phone is to not have any there in the first place.
My wife had a Surface Pro 3 for about a week before it had charging problems and had to go back. I did the random data overwrite method. When we got the replacement laptop Microsoft told me it was a new laptop. Needless to say basic data recovery was able to confirm they were not telling the truth. Spent 3 hours talking to Microsoft representatives who finally conceded the device was reused. Then spent another two hours asking for a refund and at every turn they told me the only option was another refurb. Ended up going into a Microsoft Store where I got somebody a little more knowledgeable and got a refund in 5 minutes. Lets just say there was enough data to identify the owner and file a tax return for them. Fortunately when I returned the refurb unit I did the random overwrite beforehand. Ended up buying a Lenovo for my wife and conveniently you can get a warranty which allows you to keep the hard drive.
It's not always possible to perform erasure on storage media downstream because the device or drive has failed. This only leaves physical destruction (which in the ultra-secure case includes pretty small pieces and many chips on the motherboard!). But this is all an argument for strong encryption from the outset, without backdoors. In the EU, I believe the DP authorities are negligent in not demanding tnat businesses do so for ALL business records.
Good points. In addition; I strongly prefer to start with a clean new drive and immediately encrypt it BEFORE sector sparing starts. Once a drive sector goes bad it can't be written to. Even (FDE) encryption of the drive will not touch that specific sector space, nor will wiping programs for the most part. The problem is high end recovery hardware can often retrieve those sectors and pick up bits and pieces that you "thought" you obfuscated with encryption. If you start with a clean new drive platter this is a non-issue. USB flash drives are the worst offenders. Therefore; homeowner quality FDE tools cannot be impactful where sector sparing exists. I am making this post in case some here just started using encryption on say an old machine. Sector sparing can start earlier than you imagine. Not trying to incite panic, just reality of how sectors are removed from use by the hardware's firmware when they go bad.
Yes, what you see as a drive's usable sectors is by no means what's there. There's also issues where some device types with storage (e.g. mp3 players, cameras etc which do not encrypt and only do noddy formatting or reset), cannot be properly erased unless you are able to remove the memory and perform that action independently. You can write files to the space limit which achieves some protection though.
These people are super serious about data destruction ..... check out the five options on their menu . I have no idea about prices .... I didn't bother to look .... http://www.datastroyer.com/press/blog/252-hard-drive-data-destruction-equipment.html -
I currently encrypt all my drives and destroy them using an electric drill when done. Although I am thinking of switching to thermite next. More for fun than destructive value https://www.youtube.com/watch?v=YlAZR7NoQTA
I've found that a wood fire is adequate Use a 15 liter steel can, with holes punched around the bottom edge, for air intake. Set it on bricks. Use dry wood. Throw in some paraffin wax to get the fire going well. Then add drives etc. Yes, there's some toxic waste, but hey
You are going to give privacy advocates a bad name as being boring How else can we relate privacy to the modern generation. The bigger the explosion the better.
Fair enough Thermite is easy to make. Aluminum and rust. But it's hard to ignite. And getting magnesium ribbon may be nontrivial.
Which "this"? With thermite, you'll burn off everything but steel, and even that will be melted. With a strong wood fire, you'll also burn off everything but steel. That includes the platters, except for axles. I can't imagine that any magnetization survives.
Well, not thermite! But my understanding is that the Curie point for modern materials is over 1,000 C which a wood fire probably won't achieve. Of course, if the platters are melting that'd be moot. Is that what happens?
It's been a few years. But yes, I don't recall that platters survived. I gather that some are aluminum. They'd burn. Others are glass or ceramic, and I suppose that they melt. Or maybe oxidize too.
Thats why I like thermite, 2500C. More than enough to do the job and a lot of fun at the same time. I am sure the wood fire would probably do a similar job. If it was recoverable it would be very very expensive.
Some of the mechanical approaches that are used, where that isn't shredding into small pieces, they will bend the platters - which I imagine would make it prohibitive to attempt any reconstruction because the head gaps are so small, the slightest deviation would result in a head crash. With the wood fire approach, I think I'd at least attempt to prise off the electronics to avoid noxious fumes and make it even more difficult to reconstruct.
The more I look into this , the more complex the question becomes ..... " When does data on physical media become truly deleted , beyond any possibility of recovery ? " Burning and drilling are some of the more popular DIY methods of so-called " data destruction ". But there are specialist firms who can easily recover most of the data from a platter that was shattered by a hammer , for example . Modern tunneling microscopes can read nearly every Byte on a disk fragment , and the fact that it is in non-sequential chunks is irrelevant. I looked again at this website , and the range of data destruction products on offer ....covering three separate processes ... .... degaussing with massive magnetic fields , incineration , AND a metal shredder to finish ( if budget is not a problem ! ). I guess they are pitching their products at government departments , LEAs , and financial organizations. And yes , I love the Thermite reaction as much as anyone ..... let's give a big shout-out to the inner pyromaniac in all of us ! Sadly , in many parts of the world these days , there are some legal authorities who look upon this bit of harmless fun as intent to cause an explosion ............. what a bunch of kill-joys eh ? ....
" Unrecoverable " is a relative term. It will depend greatly on the amount of time , resources and specialized equipment available. In my opinion , writing zeroes across a drive serves only one purpose , to advertise the fact that data has been intentionally " deleted " , and thus inviting closer scrutiny. This is why utilities such as Eraser offer a choice of erase options :- Single pass , 3 passes , 7 or at the most extreme 35 passes ( known as the Gutmann method ). Also offered is a "plausible deniability " option where the user specifies a file whose contents are intentionally overwritten to the disc as one of the passes , making it appear as just normal junk data , such as one would find on any typical user's HDD. More on " Data Remanence " in this Wiki article .
I find encryption of all my data makes the destruction method less important. The destruction method is just the fun bit.
And going along with what I said earlier in this thread about encrypting BEFORE the drive is ever "dirty", the destruction becomes almost moot!